General

  • Target

    8268078f50f7688877a5cef5b9550947c981b789d81c891c6409b373e512a345

  • Size

    899KB

  • Sample

    241230-tcnega1pft

  • MD5

    d1949839df6db81b6dcd52973774375e

  • SHA1

    1a52fee4dc015a42dcaa51ac0d4ec318641789b6

  • SHA256

    8268078f50f7688877a5cef5b9550947c981b789d81c891c6409b373e512a345

  • SHA512

    73166c4434c0ce8409ae7ed2818ecf606061226fca792a0a9f0a2c8ecb01dae7bd8d90f30f9505c8413478c89018dde601f20fb7ef449e7e3e3be15e02d90dad

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PXs:7wqd87Vs

Score
10/10

Malware Config

Extracted

Family

gh0strat

C2

hackerinvasion.f3322.net

Targets

    • Target

      8268078f50f7688877a5cef5b9550947c981b789d81c891c6409b373e512a345

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Gh0strat family

MITRE ATT&CK Enterprise v15

Tasks